---
title: WAF Release - 2026-02-02
description: Cloudflare WAF managed rulesets 2026-02-02 release
image: https://developers.cloudflare.com/changelog-preview.png
---

# Changelog

New updates and improvements at Cloudflare.

## WAF Release - 2026-02-02

Feb 02, 2026 

[ WAF ](https://developers.cloudflare.com/waf/) 

This week’s release introduces new detections for CVE-2025-64459 and CVE-2025-24893.

**Key Findings**

* CVE-2025-64459: Django versions prior to 5.1.14, 5.2.8, and 4.2.26 are vulnerable to SQL injection via crafted dictionaries passed to QuerySet methods and the `Q()` class.
* CVE-2025-24893: XWiki allows unauthenticated remote code execution through crafted requests to the SolrSearch endpoint, affecting the entire installation.
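
An application-side guard for the Django issue above, as an added example (not Cloudflare's rule logic and not Django's patch): a client-supplied filter dictionary is checked against an allowlist before it is expanded into `filter()` or `Q()`, which complements upgrading to a fixed version. `ALLOWED_FILTERS`, the field names, and the helper functions are assumptions for a hypothetical list view; `_connector` and `_negated` are keyword arguments that `Q()` accepts internally.

```python
import re

# Assumed policy for a hypothetical article list view: the fields a client may
# filter on and the lookups permitted for each (names are illustrative).
ALLOWED_FILTERS = {
    "author": {"exact"},
    "title": {"exact", "icontains"},
    "published": {"exact", "gte", "lte"},
}
KEY_RE = re.compile(r"[a-z][a-z0-9_]*")


class RejectedFilter(ValueError):
    """A client-supplied filter key or value is outside the allowlist."""


def safe_filter_kwargs(params, allowed=ALLOWED_FILTERS):
    """Return a dict that is safe to expand as Model.objects.filter(**result).

    Each key must be `field` or `field__lookup` from the allowlist, so ORM
    control arguments (_connector, _negated), relation traversals and
    unknown lookups are refused before they reach QuerySet methods or Q().
    """
    clean = {}
    for key, value in params.items():
        if not isinstance(key, str) or not KEY_RE.fullmatch(key):
            raise RejectedFilter(f"malformed filter key: {key!r}")
        field, _, lookup = key.partition("__")
        lookup = lookup or "exact"
        if lookup not in allowed.get(field, ()):
            raise RejectedFilter(f"filter not permitted: {key!r}")
        if isinstance(value, bool) or not isinstance(value, (str, int)):
            raise RejectedFilter(f"non-scalar value for {key!r}")
        clean[f"{field}__{lookup}"] = value
    return clean


def is_permitted(params):
    """True if every key/value passes the allowlist, False otherwise."""
    try:
        safe_filter_kwargs(params)
        return True
    except RejectedFilter:
        return False


if __name__ == "__main__":
    # Constructed sample inputs, e.g. from request.GET.dict() or a JSON body.
    for sample in ({"title__icontains": "waf"}, {"author": "a", "_connector": "OR"}):
        print(sample, "->", "ok" if is_permitted(sample) else "rejected")
```

Logging each `RejectedFilter` with the offending key gives an application-level signal to correlate with the WAF rule's events.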

| Ruleset                    | Rule ID     | Legacy Rule ID | Description                                          | Previous Action | New Action | Comments                                                |
| -------------------------- | ----------- | -------------- | ---------------------------------------------------- | --------------- | ---------- | ------------------------------------------------------- |
| Cloudflare Managed Ruleset | ...30698ff3 | N/A            | XWiki - Remote Code Execution - CVE:CVE-2025-24893 2 | Log             | Block      | This is a new detection.                                |
| Cloudflare Managed Ruleset | ...da8ba7e6 | N/A            | Django SQLI - CVE:CVE-2025-64459                     | Log             | Block      | This is a new detection.                                |
| Cloudflare Managed Ruleset | ...8d667511 | N/A            | NoSQL, MongoDB - SQLi - Comparison - 2               | Block           | Block      | Rule metadata description refined. Detection unchanged. |